Yes it should be mentioned if its not, so best is probably
to add this to the issues list so it gets properly checked.
Of course, I wouldn't be surprised if there were malware
variants of dsig (given that XPath is included!) that you
could come up with, but that's not an XKMS issue, its a
general dsig issue.
But, if anyone comes up with an interesting XKMS-specific
abuse of dsig then I'll buy 'em a beer or the politically
correct equivalent (E.g. using RetrievalMethod and multiple
XKMS clients/responders to generate an infintie loop? Probably
can't happen:-)
Cheers,
S.
Berin Lautenbach wrote:
>
> Hey all,
>
> Another obvious thought (I'm good at them :>).
>
> I assume there is a requirement on implementations to ensure that the
> signature(s) in a message actually refer(s) to the XKMS content. That's
> probably pretty obvious, but I can see some fairly trivial attacks
> against implementations that just check a signature is valid without
> ensuring that the reference actualy refers to the XKMS message.
>
> Is this something worth mentioning in the security section?
>
> Cheers,
> Berin
>